We discuss Austen’s early bet on serverless computing from the first time he saw AWS Lambda. Serverless, even in the early days, has many benefits. It is microservice-based, event-driven, requires no administration, and has a compelling “pay-per-execution” pricing model.
Serverless was launched as an application framework. The problem with serverless computing today is that if you want to build a sophisticated system on this type of service, you’re dealing with lots of independent units of deployment. One application is a combination of many Lambda functions. Dealing with this all-together, not to mention the event-driven computing, can be chaotic. Serverless offers a simple file that can define a serverless application. The framework provisions all the infrastructure for you and the app is up in seconds.
We are still in the early phases of serverless computing and the trend is still yet to be defined. It’s impressive how fast the cloud providers are moving with serverless computing and building new features around it. Adoption from enterprises has also been fast. The challenges of serverless computing are that there are a lot of changes at once for an organization to adopt it, and this often requires cultural shifts as well. Serverless computing requires a new way of thinking for enterprises, which is a challenge. But the for enterprises who embrace it, the gains are worth it.
We discuss the changing face of large enterprises when innovating with technology. The technology we see in big web companies from Facebook, Google, and Amazon is absolutely going to be used to reinvent how large enterprises function. But large enterprises do not need to transform into tech companies like Google to be successful. More likely the opposite is the case. Enterprises need to realize that they already are a great source of innovation and that with a focus on customers and on technology they can lead the way to success. It does not have to look exactly like Google for large enterprises to be innovative.
Figuring out what you want it to feel like is the hardest part for large enterprises. If you’re a traditional tire company, for instance, you know the tire industry but you don’t know what it feels like to be a technology company that moves quickly and safely. So how do you get the people inside the tire company to know what it feels like to move fast? How they can apply that to tires? Knowing how the business works is incredibly important and these enterprises know their markets better than anyone. The trick is to teach them how to use technology to enhance the business they already know.
Chef is a company built around automation. It began with infrastructure automation and has now added other products. Chef found bottlenecks at security and compliance, which led to InSpec. InSpec allows you to include compliance within code so you can continuously test and ensure you are compliant with standards. Another new Chef product is Habitat for application automation. Habitat acts as a smart supervisor who can build and release the application and manage it as well.
We discuss the founding story of CloudHealth, testing ideas to find the right problem to solve. We look at how Joe took the company from idea through finding early customers and fundraising. Joe made sure early on not to get attached to ideas, but to define key hypotheses and converge to the real opportunities through testing. As he became more confident in what he was building, he began to write more of the code for it. We look at why successful entrepreneurs need to be willing to embrace contrary opinions.
CloudHealth does cloud service management. They deliver a SaaS-based single pane of glass, single pane of governance for managing the full life-cycle of applications and infrastructure across public and private clouds. They currently have four products: Amazon, Azure, Google, and a Data Center product. Each provides integrated reporting, recommendations, and active policy management. The policy management does not just monitor changes that deviate from your internal policies, but drives active changes to your environments to keep them in compliance. It works like a control plane that sits on top of everything you use to manage different environments.
A typical management suite in the cloud consists of 10-12 different tools as well as multiple different cloud environments. CloudHealth allows you to configure them all in the platform, they collect all the information that resides in those different integrations of cloud environments, and bring it back into one console in terms of what the data means and how it interacts. CloudHealth then provides integrated reporting, integrated recommendations, and active policy recommendations. With a click of a button, you can determine what it would take to integrate different tools and what provisioning the integration requires. This makes managing the cloud much more streamlined and cost-efficient.
We discuss security in Microsoft Azure where they have a mindset of assumed breach. How we’ve historically done security is we have looked to build more walls, moats, and force fields to keep the bad guys out. We’ve spent a long time building walls, but they can be hacked and they have. We should not stop prevention efforts, but what we should start to assume you have already been breached and be ready for that. When you assume you’ve already been breached, then focus on detection is critical. The average attacker has been in your system for 280 days before they have been detected, which gives them a lot of time. The goal is to reduce that time to a few days.
We look at Microsoft Azure Active Directory integration. This is meant to be used when deploying new applications into the cloud. Many of these tools allow developers to be able to focus on what really matters instead of focusing on putting out fires.
Microsoft is currently creating improved security standards, starting with a PCI template to help enterprises with regulations.
Encryption can sometimes be difficult with the Key Vault process. Microsoft is aware of some of the challenges and is working on revamping documentation for Key Vault to ease the difficulty. It is a great service that can make life easier, which is why the documentation updates will help make the product more accessible.
Azure Security Center allows you to control you security from one place, and gives recommendations and alerts based on anomaly detection. For hybrid deployments, there is a solution coming soon from Azure Security Center.
We discuss what serverless computing means for OpenStack private clouds. It is time to recognize that hybrid is here for a long time and we will be mixing public clouds with private clouds in the long run. We also look at Red Hat’s recent deal with AWS for OpenShift. This is another example of coopetition with AWS, which has sought out many more partnerships lately. Vendors are finding more opportunities to partner with AWS to prevent themselves from losing customers.